<? require_once("sitemap.php"); ?>
<?
$action="start";

if (!empty($_POST['action']))
{
	$action = $_POST['action'];
}
?>
<html>
	<title><? echo (":" . $HTTP_SERVER_VARS['REMOTE_USER'] . ": ". $Botname); ?>'s EL-BOT sale Management</title>
<body>
	<h1><? echo ($Botname); ?>'s EL-BOT Tradelist Management - sale</h1>
	<form method="post" action="sale.php"><input type="submit" name="submit" value="RELOAD"><input type="hidden" name="action" value="refresh"></form>
	<?
	if ($action=="remove")
	{
		dumppost($HTTP_SERVER_VARS['REMOTE_USER']);						
		$id=intval(mysql_real_escape_string($_POST['id']));
		$sql = "DELETE FROM sellingitems WHERE id='$id';";
		$result = mysql_query($sql,$db);
	}
	if ($action=="update")
	{
		dumppost($HTTP_SERVER_VARS['REMOTE_USER']);						
		if (empty($_POST['announce'])) {$announce = 0;} else {$announce = 1;} 
		
		$id=intval(mysql_real_escape_string($_POST['id']));
		$pricesale=floatval(mysql_real_escape_string($_POST['pricesale']));
		$pricesalemembers=floatval(mysql_real_escape_string($_POST['pricesalemembers']));
		$pricelistid=intval(mysql_real_escape_string($_POST['pricelistid']));
		$sql = "UPDATE pricelist SET pricesale='$pricesale', pricesalemembers='$pricesalemembers' WHERE id='$pricelistid';";
		$result = mysql_query($sql,$db);
		echo (mysql_error());
		$sql = "UPDATE sellingitems SET announce='$announce' WHERE id='$id';";
		$result = mysql_query($sql,$db);
		echo (mysql_error());		
	}
	if ($action=="add")
	{
		dumppost($HTTP_SERVER_VARS['REMOTE_USER']);						
		$id=intval(mysql_real_escape_string($_POST['id']));
		$sql = "INSERT INTO sellingitems (pricelistid,announce,botid) VALUES ('$id',0,'$botid');";
		echo $sql;
		$result = mysql_query($sql,$db);
		echo (mysql_error());
	}
	?>
	<?
		$sql = "
SELECT sellingitems.id, knownitems.id, knownitems.name, knownitems.description, pricelist.pricesale, 
pricelist.pricesalemembers, pricelist.id FROM sellingitems,knownitems,pricelist 
WHERE sellingitems.pricelistid=pricelist.id AND pricelist.knownitemsid=knownitems.id 
AND sellingitems.botid=" . $botid . " ORDER BY (knownitems.name)";
		$result = mysql_query($sql,$db);
		echo (mysql_error());
	?>
<h2>Legend:</h2>
	<table border="1" cellpadding="0" cellspacing="0">
	<tr>
			<td bgcolor="Red">No Items in Inventory</td>
			<td bgcolor="Green">Items are in Inventory</td>
		</tr>
	</table>
<h2>Tradelist - sale:</h2>
	<table border="1" cellpadding="0" cellspacing="0">
		<tr bgcolor="Gray">
			<td>id</td>
			<td>name</td>
			<? // <td>description</td> ?>
			<td>quantity</td>
			<td><table border="0" cellpadding="0" cellspacing="0">
				<tr><td><input type="text" size=12 disabled value="sale"></td>
				<td><input type="text" size=12 disabled value="sale members"></td>
				<td>Update</td></tr>
			</table></td>
			<td>Functions</td>
		</tr>
		<?

			while ($myrow = mysql_fetch_row($result)) {

			$resultB = mysql_query("SELECT SUM(quantity) FROM inventory WHERE pos<37 AND botid = $botid AND knownitemsid=".$myrow[1]." ;",$db);
			$myrowB = mysql_fetch_row($resultB);
			
			$pricelistid = $myrow[8];
			$Maxquantity = $myrow[9];
			
			if (!empty($myrowB[0]))
			{
				$quantity = $myrowB[0];
			}
			else
			{
				$quantity = 0;
			}
		?>
		<tr <? if ($myrowB[0]) { echo ('bgcolor="Green"'); } else { echo ('bgcolor="Red"'); }?>>
			<td><?echo ($myrow[1])?></td>
			<td><?echo ($myrow[2])?></td>
			<? // <td> ?> <? // echo ($myrow[3])?><? // </td> ?>
			<td><?echo ($quantity)?></td>
			<td>
				<form method="post" action="<? echo $_SERVER['PHP_SELF']; ?>">
				<input type="hidden" name="id" value="<?echo ($myrow[0])?>">
				<input type="hidden" name="pricelistid" value="<? echo ($myrow[6]) ?>">
				<input type="hidden" name="action" value="update">
				<input type="hidden" name="itemname" value="<? echo ($myrow[2]) ?>">
				<table border="0" cellpadding="0" cellspacing="0">
				<tr>
					<td><? //pricesale<br> ?><input type="text" size="12" name="pricesale" value="<?echo ($myrow[4])?>"></td>
					<td><? //pricesalemembers<br> ?><input type="text" size="12" name="pricesalemembers" value="<?echo ($myrow[5])?>"></td>
					<td><input type="submit" name="submit" value="UPDATE"></td>
				</tr>
				</table>
				</form>
			</td>
			<td>
				<form method="post" action="<? echo $_SERVER['PHP_SELF']; ?>">
					<input type="submit" name="submit" value="REMOVE">
					<input type="hidden" name="id" value="<?echo ($myrow[0])?>">
					<input type="hidden" name="action" value="remove">
				</form>
			</td>
		</tr>
		<?
			}
		?>
	</table>
	
	
	<h2>Items available for sale:</h2>
	<table border="1" cellpadding="0" cellspacing="0">
		<tr>
			<td>id</td>
			<td>name</td>

			<td>pricesale</td>
			<td>pricesalemembers</td>
			<td>pricepurchase</td>
			<td>Functions</td>
		</tr>
		<?php
		
		$result = mysql_query("SELECT pricelist.id, knownitems.name, knownitems.description, pricelist.pricesale, pricelist.pricesalemembers FROM knownitems,pricelist LEFT JOIN sellingitems ON sellingitems.pricelistid = pricelist.id WHERE pricelist.knownitemsid = knownitems.id AND (sellingitems.botid!=$botid OR sellingitems.pricelistid IS NULL) AND pricelist.botid=$botid AND knownitems.imageid!=3 ORDER BY knownitems.name;");

		while ($myrow = mysql_fetch_row($result))
		{
			$resultB = mysql_query("SELECT pricelist.id FROM pricelist,sellingitems WHERE sellingitems.pricelistid = pricelist.id AND sellingitems.botid = $botid AND pricelist.id = " . $myrow[0] . ";");
			if (mysql_num_rows($resultB)<1)
			{
		?>
		<tr>
			<form method="post" action="<? echo $_SERVER['PHP_SELF']; ?>">
				<input type="hidden" name="action" value="add">
				<input type="hidden" name="id" value="<?echo ($myrow[0])?>">
				<td><?echo ($myrow[0])?></td>
				<td><?echo ($myrow[1])?></td>

				<td><?echo ($myrow[3])?></td>
				<td><?echo ($myrow[4])?></td>
				<td><?echo ($myrow[5])?></td>
				<td><input type="submit" name="submit" value="GO"></td>
			</form>
		</tr>
		<?
			}
		}
		?>
	</table>
</body>
</html>
